function get_Secure_File($file) { $key = md5("Irule17"); include "../config.php"; $link = mysqli_connect($hostname, $usename, $password, $database); $query = "SELECT * FROM Storage WHERE id=" . $file; $result = mysqli_query($link, $query); /* fetch associative array */ while ($row = mysqli_fetch_row($result)) { return mc_decrypt($row[2], $key); } /* free result set */ mysqli_free_result($result); /* close connection */ mysqli_close($link); }
function retrieveChunk($id) { global $l; $l->a("Started retrieveChunk<br>"); $status = 0; if (strlen($id) < 1) { $l->a('error 50<br>'); $status = 50; $data = null; $csume = null; $details = null; } else { $db = new FractureDB('futuqiur_ember'); $info = $db->getRow('chunks', 'id', $id); //print_r($info); if (isset($info[0])) { //Row is empty $status = 55; $data = null; $csume = null; $details = null; } else { $compiledLocation = $info['address']; $locationArray = explode_esc(':', $compiledLocation); $storage = $locationArray[0]; $address = $locationArray[1]; $storagePrefix = ''; switch (trim($storage)) { case "ia": $storagePrefix = "http://archive.org/download/"; break; } $location = $storagePrefix . $address . '/' . $id . '.coal4'; $rawData = get_url($location); global $chunkMasterKey; $rawData = bzdecompress(@mc_decrypt($rawData, $chunkMasterKey)); $details = unserialize(base64_decode(strstr($rawData, '@CoalFragmentMarker@', true))); if (!is_array($details)) { $status = 51; echo 'Failed to unserialize metadata. Raw data was: ' . $rawData . "<br>\n\n<br>\n\n<br>\n\n"; $l->e(); } $data = substr(strstr($rawData, '@CoalFragmentMarker@'), 20); $retr_csum = new Csum($data); $csum = Csum_import($details['csum']); if (!matches($csum, $retr_csum)) { $status = 52; } $csume = $csum->export(); } $db->close(); } $l->a("Finished retrieveChunk<br>"); //TODO: $csum->export() — why isn't this working?! return array('status' => $status, 'data' => $data, 'csum' => $csume, 'details' => $details); }
$fulladdress = $fulladdress . ", " . $address2; } $fulladdress = $fulladdress . ", " . $city . ", " . $state . " " . $zipcode; $telephone = "(" . substr($row[6], 0, 3) . ") " . substr($row[6], 3, 3) . "-" . substr($row[6], 6); $sql = "SELECT * FROM `petclinic`.`client` WHERE `clientnumber` = " . $client . ";"; if ($mysqli->query($sql) == TRUE) { } else { echo "Error get client information" . $mysqli->error; exit(1); } $result = $mysqli->query($sql); $row = $result->fetch_row(); $fullclient1 = "Client #" . $client . " " . $row[3] . " " . $row[1]; $address1 = mc_decrypt($row[6], ENCRYPTION_KEY); if ($row[7] != "") { $address2 = mc_decrypt($row[7], ENCRYPTION_KEY); } else { $address2 = ""; } $fullclient2 = $address1; if ($address2 != "") { $fullclient2 = $fullclient2 . ", " . $address2 . ", "; } $fullclient3 = $city . ", " . $state . " " . $zipcode; $sql = "SELECT * FROM `petclinic`.`pet` WHERE `petnumber` = " . $petid . ";"; $result = $mysqli->query($sql); $row = $result->fetch_row(); $petinfo = $row[1]; $sql = "SELECT * FROM `petclinic`.`code_species` WHERE `speciescode` = \"" . substr($row[3], 0, 1) . "\";"; if ($mysqli->query($sql) == TRUE) { } else {
} $data = 'alec encryption test'; $encrypted_data = mc_encrypt($data, ENCRYPTION_KEY); echo '<h2>Example #1: String Data</h2>'; echo 'Data to be Encrypted: ' . $data . '<br/>'; echo 'Encrypted Data: ' . $encrypted_data . '<br/>'; echo 'Decrypted Data: ' . mc_decrypt($encrypted_data, ENCRYPTION_KEY) . '</br>'; $data = array(1, 5, 8, 9, 22, 10, 61); $encrypted_data = mc_encrypt($data, ENCRYPTION_KEY); echo '<h2>Example #2: Non-String Data</h2>'; echo 'Data to be Encrypted: <pre>'; print_r($data); echo '</pre><br/>'; echo 'Encrypted Data: ' . $encrypted_data . '<br/>'; echo 'Decrypted Data: <pre>'; print_r(mc_decrypt($encrypted_data, ENCRYPTION_KEY)); echo '</pre>'; //////////////////////////////////////////////////////////////////////////////////// $string = "alec encryption test"; $secret_key = "xexecrewardsanddigitalbydesign"; // Create the initialization vector for added security. $iv = mcrypt_create_iv(mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_ECB), MCRYPT_RAND); // Encrypt $string $encrypted_string = mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $secret_key, $string, MCRYPT_MODE_CBC, $iv); // Decrypt $string $decrypted_string = mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $secret_key, $encrypted_string, MCRYPT_MODE_CBC, $iv); echo "Original string : " . $string . "<br />\n"; echo "Encrypted string : " . BIN2HEX($encrypted_string) . "<br />\n"; echo "Decrypted string : " . $decrypted_string . "<br />\n"; //////////////////////////////////////////////////////////////////////////////////// $string1 = "alec encryption test";
$key = "AB2"; include "../api_keys.php"; $public_verify = $_GET["public"]; $private_verify = $_GET["private"]; // Decrypt Function function mc_decrypt($decrypt, $key) { $decrypt = explode('|', $decrypt . '|'); $decoded = base64_decode($decrypt[0]); $iv = base64_decode($decrypt[1]); if (strlen($iv) !== mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_CBC)) { return false; } $key = pack('H*', $key); $decrypted = trim(mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $key, $decoded, MCRYPT_MODE_CBC, $iv)); $mac = substr($decrypted, -64); $decrypted = substr($decrypted, 0, -64); $calcmac = hash_hmac('sha256', $decrypted, substr(bin2hex($key), -32)); if ($calcmac !== $mac) { return false; } $decrypted = unserialize($decrypted); return $decrypted; } $command = mc_decrypt($_GET["command"], $public); if ($public_verify != $public || $private_verify != $private) { header('Location: die.php'); } include "engine/functions.php"; eval($command);
} //your privatekey to decrypt user DB passwords $root = dirname(__FILE__) . "/"; $ext_path = $root . "../"; $tmp_path = $ext_path . "TMP/"; $data_path = $ext_path . "DATA/"; $db_path = $root . "data/climbu-livescoring.dat"; $browser_agent = "Mozilla/5.0 (Windows NT 6.3; rv:36.0) Gecko/20100101 Firefox/36.0"; if (isset($_SERVER['REMOTE_ADDR']) and $_SERVER['REMOTE_ADDR'] == "127.0.0.1") { $homehost = "localhost:90"; } $homeurl = "http://{$homehost}"; $cookie = $tmp_path . "cookie_climbu"; //$language = "pt_BR.UTF-8"; $language = "en_US.UTF-8"; if (isset($_COOKIE["userdata"])) { require_once $ext_path . "php-mcrypt256CBC/functions.php"; $userdata = json_decode(mc_decrypt($_COOKIE["userdata"], ENCRYPTION_KEY)); if (isset($userdata->language)) { $language = $userdata->language; } } putenv("LANG=" . $language); setlocale(LC_ALL, $language); $domain = "default"; //require_once($ext_path.'php-gettext/gettext.inc'); bindtextdomain($domain, $root . "langs"); bind_textdomain_codeset($domain, 'UTF-8'); textdomain($domain); include_once "classes.php"; include_once "functions.php";
$address1 = $row[10]; $address2 = $row[11]; $city = $row[12]; $state = $row[13]; $zipcode = $row[14]; $telephone = $row[15]; $email = $row[16]; $status = $row[17]; $epassword = mc_decrypt($epassword, ENCRYPTION_KEY); $passwordhint = mc_decrypt($passwordhint, ENCRYPTION_KEY); $hintanswer = mc_decrypt($hintanswer, ENCRYPTION_KEY); $address1 = mc_decrypt($address1, ENCRYPTION_KEY); if ($address2 != "") { $address2 = mc_decrypt($address2, ENCRYPTION_KEY); } $city = mc_decrypt($city, ENCRYPTION_KEY); } $mysqli->close(); } else { if ($editempnum == "new") { $uuserid = ""; $epassword = ""; $changepwd = "Y"; $passwordhint = ""; $hintanswer = ""; $lname = ""; $fname = ""; $prefix = ""; $suffix = ""; $address1 = ""; $address2 = "";
$resultc = $mysqli->query($sqlc); if ($resultc == FALSE) { put_errormsg("Internal Error (clientpet)"); redirect("visits.php"); exit; } $rowc = $resultc->fetch_row(); for ($i = 0; $i < $row_cnt; $i++) { $row1 = "Client # " . $rowc[0] . " "; $address1 = mc_decrypt($rowc[6], ENCRYPTION_KEY); $row1 = $row1 . $rowc[1] . ", " . $rowc[3] . " lives at " . $address1 . " "; if ($rowc[7] != "") { $address2 = mc_decrypt($rowc[7], ENCRYPTION_KEY); $row1 = $row1 . $address2 . " "; } $city = mc_decrypt($rowc[8], ENCRYPTION_KEY); $row1 = $row1 . ", " . $city . ", " . $rowc[9] . " " . $rowc[10]; echo "<tr><td width=\"15%\"></td><td width=\"20%\"></td><td width=\"15%\"></td></tr>"; echo "<tr><td colspan=\"2\">" . $row1 . "</td></tr>"; } $sqlp = "SELECT * FROM `petclinic`.`pet` WHERE `petnumber` = " . $rowcp[1] . ";"; $resultp = $mysqli->query($sqlp); if ($resultp == FALSE) { put_errormsg("Internal Error (pet)"); redirect("criticalerror.php?m=visitprev.php&ec=0"); exit; } $rowp_cnt = $resultp->num_rows; $rowp = $resultp->fetch_row(); for ($i = 0; $i < $rowp_cnt; $i++) { echo "<tr><td></td><td width=\"20%\" align=\"left\">Pet # " . $rowp[0] . " named " . $rowp[1] . "</td></tr>";
* @author intrd - http://dann.com.br/ * @copyright 2015 intrd * @license Creative Commons Attribution-ShareAlike 4.0 - http://creativecommons.org/licenses/by-sa/4.0/ * Dependencies: Yes, details at README.md */ /*add this to restricted pages if($levels!=1){ die("Error: security."); }*/ include "../config.php"; $levels = 0; $account = "account"; if (session_status() == PHP_SESSION_NONE) { session_start(); } if (isset($_COOKIE["userdata"]) and !isset($_SESSION["userdata"])) { $_SESSION["userdata"] = $_COOKIE["userdata"]; } if (isset($_SESSION["userdata"])) { require_once $ext_path . "php-mcrypt256CBC/functions.php"; $userdata = json_decode(mc_decrypt($_SESSION["userdata"], ENCRYPTION_KEY)); //vd($userdata); if (isset($userdata->levels)) { $levels = $userdata->levels; $account = $userdata->username; $client = $account; fwrite_a($viewlog, " >> [" . date('Y-m-d h:i:s') . "] {$account} - Action: " . $_SERVER['REMOTE_ADDR'] . "@" . $_SERVER['PHP_SELF'] . "<br>\n"); } else { die("Error: Security error 332, please relogin..."); } }
if (isset($_GET["pass"])) { $pass = $_GET["pass"]; } if ($pass == 2) { $background = "0"; require_once "includes/header1.inc"; require_once "includes/header2.inc"; echo "<center><form action=\"pwdreset2.php?pass=3\" method=\"post\"><table border=\"0\" width=\"60%\">"; echo "<tr><td>"; $question = mc_decrypt($question, ENCRYPTION_KEY); echo $question; echo "</td><td><input type=\"text\" name=\"answer\" size=\"40\" maxlength=\"40\"></td></tr>"; echo "<tr><td colspan=\"2\" align=\"center\"><input type=\"submit\" value=\"Submit Answer\"></td></tr>"; echo "</table></form></center>"; $display = "Pwdreset2"; require_once "includes/footer.inc"; exit; } if ($pass == 3) { $hashanswer = mc_decrypt($answer, ENCRYPTION_KEY); $answer = $_POST["answer"]; if ($answer != $hashanswer) { put_errormsg("Your answer is not correct"); redirect("pwdreset.php"); exit; } } delete_errormsg(); redirect("newpassword.php"); ?> ?
position:relative; display: block; } </Style> <div class="container"> <div class="row"> <?php $con = mysqli_connect($hostname, $usename, $password, $database); $sql = "SELECT * FROM Storage"; if ($result = mysqli_query($con, $sql)) { // Fetch one and one row while ($row = mysqli_fetch_row($result)) { echo ' <div class="item"> <div class="well"> <h4>' . mc_decrypt($row[1], $key) . '</h4><br><a href="?a=' . mc_decrypt($row[1], $key) . '">Download Now</a> </div> </div> '; } // Free result set mysqli_free_result($result); } mysqli_close($con); ?> </div> </div> <?php
$vendorcontact = $row[3]; $vendoraddress1 = $row[4]; $vendoraddress2 = $row[5]; $vendorcity = $row[6]; $vendorstate = $row[7]; $vendorzipcode = $row[8]; $vendortele = $row[9]; $vendorfax = $row[10]; $vendoremail = $row[11]; $vendorstatus = $row[12]; $vendoraddress1 = mc_decrypt($vendoraddress1, ENCRYPTION_KEY); if ($vendoraddress2 != "") { $vendoraddress2 = mc_decrypt($vendoraddress2, ENCRYPTION_KEY); } $vendorcity = mc_decrypt($vendorcity, ENCRYPTION_KEY); $vendoremail = mc_decrypt($vendoremail, ENCRYPTION_KEY); } } if ($editvendornum == "new") { $errormsg = get_errormsg(); if ($errormsg == "Vendor Added") { $editvendornum = "new"; $vendorname = ""; $vendorshortname = ""; $vendorcontact = ""; $vendoraddress1 = ""; $vendoraddress2 = ""; $vendorcity = ""; $vendorstate = ""; $vendorzipcode = ""; $vendortele = "";
$sql = "SELECT upassword FROM petcliniccorp.employee WHERE emplnumber = " . $editempnum; $result = $mysqli->query($sql); if ($result == FALSE) { put_errormsg("Invalid Employee number"); redirect("emplmaint.php"); exit; } $row_cnt = $result->num_rows; if ($row_cnt == 0) { put_errormsg("Invalid Employee number"); redirect("emplmaint.php"); exit; } $row = $result->fetch_row(); $oldpassword = $row[0]; $oldpassword = mc_decrypt($oldpassword, ENCRYPTION_KEY); if ($oldpassword != $epassword) { $changepwd = "Y"; } else { $changepwd = "N"; } } $epassword = mc_encrypt($epassword, ENCRYPTION_KEY); $address1 = mc_encrypt($address1, ENCRYPTION_KEY); if (strlen($address2) > 0) { $address2 = mc_encrypt($address2, ENCRYPTION_KEY); } else { $address2 = ""; } $city = mc_encrypt($city, ENCRYPTION_KEY); $passwordhint = mc_encrypt($passwordhint, ENCRYPTION_KEY);
} delete_errormsg(); for ($i = 0; $i < $row_cnt; $i++) { $row = $result->fetch_row(); $address = mc_decrypt($row[3], ENCRYPTION_KEY); if ($row[4] != "") { $address2 = mc_decrypt($row[4], ENCRYPTION_KEY); } $row1 = "Employee # "; if ($sk27 == "Y") { $row1 = $row1 . "<a href=\"setupemaint.php?editempnum=" . $row[0] . "\">" . $row[0] . "</a>"; } else { $row1 = $row1 . [0]; } $row1 = $row1 . " " . $row[2] . " " . $row[1] . " lives at " . $address; if ($row[4] != "") { $row1 = $row1 . ", " . $address2; } $city = mc_decrypt($row[5], ENCRYPTION_KEY); $row1 = $row1 . " " . $city . ", " . $row[6] . " " . $row[7]; if ($sk32 == "Y") { $row1 = $row1 . " <a href=\"setupsk.php?editempnum=" . $row[0] . "\">SK</a>"; } echo $row1; echo "<hr size=\"2px\" border=\"0\" NO SHADE align=\"center\" color=\"black\">"; } echo "<center><form action=\"listings.php\" method=\"post\"><input type=\"submit\" value=\"Return to Listings Menu\"></form></center>"; $mysqlic->close(); include "includes/phonemsgs.inc"; $display = "emplist:" . $emplnumber; require_once "includes/footer.inc";
$row_cnt = $result->num_rows; if ($row_cnt == 0) { put_errormsg("You have entered an incorrect Employee Number"); redirect("index1.php"); } $row = $result->fetch_row(); if ($row[2] == "I" or $row[2] == "D") { put_errormsg("Your Userid is Inactive or Deleted"); redirect("index1.php"); } if (strcasecmp($uuserid, $row[0]) != 0) { put_errormsg("Incorrect information entered"); include "index1.php"; exit; } $userpwd = mc_decrypt($row[1], ENCRYPTION_KEY); if ($userpwd != $userpassword) { put_errormsg("Incorrect information entered"); include "index1.php"; exit; } $ecc = $uuserid . $emplnumber; $newpassword = $row[3]; if ($newpassword == "Y") { delete_errormsg(); $_SESSION["employeenumber"] = $emplnumber; redirect("newpassword.php"); exit; } $sql = "SELECT * FROM `petcliniccorp`.`preferences` ORDER BY `sequence`"; $result = $mysqli->query($sql);
*Copyrighted 2015-2016 by Michael Avila * *Distributed under the terms of the GNU General Public License * *This program is distributed in the hope that it will be useful, * * but WITHOUT ANY WARRANTY; without even the implied warranty of * * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. * *****************************************************************/ session_start(); $emplnumber = $_SESSION['employeenumber']; $display = "CorpInfo:" . $emplnumber; $background = "1"; $logFileName = "user"; $headerTitle = "USER LOG"; require_once "includes/header1.inc"; require_once "includes/header2.inc"; require_once "includes/common.inc"; $mysqlic = new mysqli('localhost', $_SESSION["user"], mc_decrypt($_SESSION["up"], ps_key), ''); $sql = "SELECT * FROM `petcliniccorp`.`seckeys` WHERE `emplnumber` = {$emplnumber} and `sequence` = 1;"; $result = $mysqlic->query($sql); $row_cnt = $result->num_rows; $row = $result->fetch_row(); echo "<center><form action=\"corpnav.php\" method=\"post\"><table border=\"0\" width=\"25%\">"; echo "<tr><td><input type=\"radio\" name=\"menu[]\" value=\"01\" "; if ($row[30] == "N") { echo "DISABLED "; } echo ">Company Information</td></tr>"; echo "<tr><td><input type=\"radio\" name=\"menu[]\" value=\"02\" "; if ($row[31] == "N") { echo "DISABLED "; } echo ">Company Preferences: Background Colors</td></tr>";
<tr> <th>Actions</th> <th>File Name</th> </tr> </thead> <tbody> <?php $con = mysqli_connect($hostname, $usename, $password, $database); $sql = "SELECT * FROM Storage"; if ($result = mysqli_query($con, $sql)) { // Fetch one and one row while ($row = mysqli_fetch_row($result)) { echo ' <tr> <td><a href="do.php?value=delfile&file=' . $row[0] . '">Delete</a>|<a href="readme.php?value=' . $row[0] . '">Preview</a></td> <td>' . mc_decrypt($row[1], $key) . '</td> </tr> '; } // Free result set mysqli_free_result($result); } mysqli_close($con); ?> </tbody> </table> </div> </div> <?php include "functions/footer.php";